I really don't think it's necessary to go to the great lengths discussed in the previous two writeups. It certainly won't hurt and, if you've got the time, patience, and resources, then by all means, be as paranoid as you can be. But I personally wouldn't go quite so far.

If I had some extremely sensitive data that I absolutely did not want to fall into anyone's hands (the FBI included), I would try to memorize it. Of course, this won't work for certain things, such as binary data (unless you've got an incredible memory). If memorization is not an option, then I'd take the following steps:

  1. Good, strong crypto

    These days, public key encryption is very easy to use and also very secure. As long as you've got a good strong passphrase, a key of at least 2,048 bits or more, and an algorithm that can generate purely random numbers, the chances that anyone, even a government agency like the FBI, will be able to crack your encryption are very, very slim. Almost zero.

    PGP is well-suited for this and, depending on the version you use and your system configuration, can generate very pure random numbers by measuring the latency between pseudo-random keypresses or mouse movements and filtering out any discernible natural pattern (this is a simplistic description, but you get the idea).

    However, do remember that you can be subpoenaed and, depending on this situation, you may be legally required to provide the court with your encryption passphrase or key. This is a very grey area of the law, although the U.S. Constitution does give you the right not to testify against yourself (if you're a U.S. citizen and are charged with a crime in the U.S., that is).

  2. The old "Electromagnetic Doorframe" trick1

    Electromagnets are fairly simple devices, and easy to build. This is an idea that I've blatantly stolen from the excellent book Cryptonomicon, by Neal Stephenson. It's quite simple. Make sure that your sensitive data is stored (encrypted, of course) only on magnetic media (hard drives, floppy disks, etc. -- not CD-ROMs). Then keep all of this magnetic media in a single room that has only one door and, preferably, no windows.

    Disassemble the doorframe leading into the room and rig up a good strong electromagnet all the way around it. Wire the magnet to the building's electrical system and also, preferably, to some sort of backup power-source. Leave it on all the time, and be careful not to carry any magnetic media through it that you don't want to have scrambled.

    This won't guarantee that your data is safe, but it will do a good job of scrambling your data thoroughly if anyone tries to carry your computer out the door. This combined with good strong crypto may just be enough to keep prying eyes away. That said, it's still a good idea not to store anything anywhere, if at all possible; but when you absolutely have to, a disk-scrambling electromagnet will be a big help in keeping people out of your secret data.

  3. Don't get caught

    Perhaps not quite as easy as it sounds, but seriously: try your best not to bring attention to yourself. Don't give the FBI (or anyone else) a reason to want your secret data. Be as invisible as possible. This shouldn't be your only form of security (everyone knows security through obscurity really isn't security), but you should keep a low profile in addition to taking the steps mentioned above to ensure that your secrets stay secret.

Of course, there are other concerns than just protecting your stored data. Van Eck Phreaking is easier and easier to do these days, so you may want to take steps to prevent that as well. It's also not unheard of for encryption algorithms or random number generation algorithms to contain flaws that make it easier for crackers to decrypt your data.

So be careful, and trust no one. And no software.


1shazamed has pointed me to a very informative paper that explains why an electromagnet -- even an extremely strong one -- will not always be effective at erasing magnetic media to such an extent that the data is impossible to recover. You can read the paper here: http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/